[Secure-testing-commits] r21240 - data/CVE
Michael Gilbert
mgilbert at alioth.debian.org
Tue Feb 12 02:42:44 UTC 2013
Author: mgilbert
Date: 2013-02-12 02:42:44 +0000 (Tue, 12 Feb 2013)
New Revision: 21240
Modified:
data/CVE/list
Log:
isc-dhcp triage
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-02-11 21:56:46 UTC (rev 21239)
+++ data/CVE/list 2013-02-12 02:42:44 UTC (rev 21240)
@@ -5697,9 +5697,11 @@
CVE-2012-5689 (ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain ...)
- bind9 <unfixed> (bug #699145)
[squeeze] - bind9 <not-affected> (Only affects Bind 9.8 and 9.9)
+ - isc-dhcp <not-affected> (issue only affects the named service, which isn't used by isc-dhcp)
CVE-2012-5688 (ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 ...)
- bind9 1:9.8.4.dfsg.P1-1 (bug #695192)
[squeeze] - bind9 <not-affected> (Only affects 9.8 and 9.9)
+ - isc-dhcp <not-affected> (issue only affects the named service, which isn't used by isc-dhcp)
CVE-2012-5687 (Directory traversal vulnerability in the web-based management feature ...)
NOT-FOR-US: TP-LINK TL-WR841N router
CVE-2012-5686
@@ -7077,6 +7079,7 @@
CVE-2012-5166 (ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before ...)
{DSA-2560-1}
- bind9 1:9.8.1.dfsg.P1-4.3 (bug #690118)
+ - isc-dhcp <not-affected> (issue only affects the named service, which isn't used by isc-dhcp)
CVE-2012-5165
RESERVED
CVE-2012-5164 (Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before ...)
@@ -9728,6 +9731,7 @@
{DSA-2547-1}
- bind9 1:9.8.4.dfsg-1 (bug #693015)
[wheezy] - bind9 1:9.8.1.dfsg.P1-4.4
+ - isc-dhcp <not-affected> (issue only affects the named service, which isn't used by isc-dhcp)
CVE-2012-4243
RESERVED
CVE-2012-4242 (Cross-site scripting (XSS) vulnerability in the MF Gig Calendar plugin ...)
@@ -10767,6 +10771,7 @@
CVE-2012-3868 (Race condition in the ns_client structure management in ISC BIND 9.9.x ...)
NOTE: https://kb.isc.org/article/AA-00730
- bind9 <not-affected> (Vulnerable code not present, only affects 9.9.x)
+ - isc-dhcp <not-affected> (embeds bind 9.8.x; this issue only affects 9.9.x)
CVE-2012-3867 (lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and ...)
{DSA-2511-1}
- puppet 2.7.18-1
@@ -10889,6 +10894,7 @@
CVE-2012-3817 (ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before ...)
{DSA-2517-1}
- bind9 1:9.8.1.dfsg.P1-4.2 (bug #683259)
+ - isc-dhcp <not-affected> (issue only affects the named service, which isn't used by isc-dhcp)
NOTE: https://kb.isc.org/article/AA-00729
CVE-2012-XXXX [packagekit insecure temp file]
- packagekit 0.7.6-1 (bug #678189)
@@ -16252,8 +16258,7 @@
CVE-2012-1667 (ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before ...)
{DSA-2486-1}
- bind9 1:9.8.1.dfsg.P1-4.1
- - isc-dhcp <unfixed> (bug #698597)
- [squeeze] - isc-dhcp <not-affected> (isc-dhcp started embedding bind with version 4.2.x and later)
+ - isc-dhcp <not-affected> (issue only affects the named service, which isn't used by isc-dhcp)
CVE-2012-1666 (Untrusted search path vulnerability in VMware Tools in VMware ...)
NOT-FOR-US: VMware Tools
CVE-2012-1665
More information about the Secure-testing-commits
mailing list